AI Score
Confidence
Low
EPSS
Percentile
83.2%
common.inc.php in phpWebLog 0.4.2 does not properly initialize the $CONF array, which inadvertently sets the password to a single character, allowing remote attackers to easily guess the SiteKey and gain administrative privileges to phpWebLog.
archives.neohapsis.com/archives/bugtraq/2000-12/0025.html
www.securityfocus.com/bid/2047
exchange.xforce.ibmcloud.com/vulnerabilities/5625